[Bug 239250] need to define limits on unix socket control messages

[bugzilla-noreply at freebsd.org]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=239250

            Bug ID: 239250
           Summary: need to define limits on unix socket control messages
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: bugs at FreeBSD.org
          Reporter: markj at FreeBSD.org

There are some undocumented limits that apply to control messages over unix
domain sockets, and SCM_RIGHTS messages in particular.

- Control messages must fit in an mbuf cluster, which is MCLBYTES (2KB) in
size.
- Control message data must be natively aligned, so 64-bit kernels are limited
to fewer rights per message than 32-bit kernels.  This can be problematic when
running 32-bit applications on a 64-bit kernel.
- SCM_RIGHTS message contents must be translated to an internalized format
before they can be transmitted.  Specifically, a 4-byte file descriptor is
converted to a pointer, and internalized messages must fit in an mbuf cluster
as well.  So even though we can pack (2048-16)/sizeof(int) FDs in a single
SCM_RIGHTS message on amd64, the kernel can only handle (2048-16)/sizeof(void
*) FDs.

-- 
You are receiving this mail because:
You are the assignee for the bug.